rdiffweb is vulnerable to path traversal. The vulnerability exists in dispatch.py
due to improper access restrictions allowing an attacker to traverse the file system accessing files or directories that are outside of the restricted directory on the remote server.